Processors and other devices implementing encryption systems are often provided with code-protected internal memories to store one or more encryption keys.
In many security application systems today, various attack methods are being used to reveal confidential information stored within code-protected internal memories of devices. These can include mathematical attacks, invasive physical attacks, and non-invasive physical attacks.
One method of non-invasive physical attack is known as “differential power analysis” (DPA). DPA monitors the current consumption or noise emission signatures of synchronous designs to determine what data is being manipulated, thus revealing confidential information.
For example, FIG. 1 illustrates various power consumption traces of an exemplary encryption module. FIG. 1a illustrates power supply current from trigger point to sending. FIG. 1b illustrates power supply current during programming. FIG. 1c illustrates power supply current during encryption, and FIG. 1d illustrates the end of encryption. From such power consumption traces, a DPA may be used to determine, for example, software keys and other encrypted information. In particular, DPA gathers a large number of samples from such traces by repeating encryption over a large number of cycles. The samples are compared and a statistical analysis is performed to determine similarities to identify the encryption key.
DPA is known to be sensitive to signal-to-noise ratios of monitored systems. Accordingly, techniques are known for introducing noise into such systems to prevent DPA. However, such techniques typically use randomly generated signals derived from a single synchronous clock source. Consequently, a DPA statistical analysis may overcome such approaches.